[Snort-users] Scan Proxy

Mitchell Lester mitchl at ...1891...
Tue Apr 24 12:47:08 EDT 2001

"A.L.Lambert" wrote:
> > ALL>         FYI - over the last 2 weeks, I've been seeing the same scans in
> > ALL> HUGE numbers (outpacing ftpd and bind scans sometimes for days on end).
> > ALL> Probably a new worm or some such we'll hear about once someone figures out
> > ALL> what's going on.  :)
> >
> > These are scans to find proxies and open socks proxies. Hacker just go
> > thru them to anonymize part of their activity.
> >
> > Scanning for open porxies is an everyday's hacker job.
>         Yes, but I used to see an average of 5 a day.  In the last 2
> weeks, I've seen as many as 500 in a day.  Either I just wound up on the
> recieving end of a targeted scan, or I'd have to say that there's a new
> tool that does 'Bad Things' to proxies out there.

Could be related to this.....

"U.S., Chinese hackers vow to wage online war"
Chinese hackers, reportedly, will begin a full-out, week-long assault
on U.S.-based computers beginning May 1, escalating the cyberwar
between the two countries. Experts say the Chinese are after quantity
and not necessarily quality hits. U.S. hackers, according to
underground chat rooms, have already begun a massive assault, which
they have dubbed "Chinakiller," on Web sites hosted in China.
SOURCE: Nando Times

Read below for full story:



More information about the Snort-users mailing list